CVE-2006-5721 - The \Device\SandBox driver in Outpost Firewall PRO 4.0 (964.582.059) allows local users to cause a d

CVE-2006-5721

Summary

The \Device\SandBox driver in Outpost Firewall PRO 4.0 (964.582.059) allows local users to cause a denial of service (system crash) via an invalid argument to the DeviceIoControl function that triggers an invalid memory operation.

References

Vulnerable Configurations

cpe:2.3:a:agnitum:outpost_firewall:4.0:*:pro:*:*:*:*:*
cpe:2.3:a:agnitum:outpost_firewall:4.0:*:pro:*:*:*:*:*

CVSS

Base:	4.9 (as of 17-10-2018 - 21:44)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
LOCAL	LOW	NONE

Impact

Confidentiality	Integrity	Availability
NONE	NONE	COMPLETE

cvss-vector via4

AV:L/AC:L/Au:N/C:N/I:N/A:C

refmap via4

bid	20860
bugtraq	20061101 Outpost Insufficient validation of 'SandBox' driver input buffer
misc	http://www.matousec.com/info/advisories/Outpost-Insufficient-validation-of-SandBox-driver-input-buffer.php
sectrack	1017150
secunia	22673
sreason	1821
vupen	ADV-2006-4309
xf	outpostfirewall-sandbox-dos(29969)

Last major update

17-10-2018 - 21:44

Published

04-11-2006 - 01:07

Last modified

17-10-2018 - 21:44